Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/zyQOrEA-gZIbS9HcDtUTRDRhkag.roa
File: zyQOrEA-gZIbS9HcDtUTRDRhkag.roa (raw, json)
Hash identifier: H1UczZT02I/t8DEpb6g7DSAPqzxWzcEfac63ro1WFhw=
Subject key identifier: CF:24:0E:AC:40:3E:81:92:1B:4B:D1:DC:0E:D5:13:44:34:61:91:A8
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018570D544EE9FFEA786F010BF79767BDB7A
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/zyQOrEA-gZIbS9HcDtUTRDRhkag.roa
Signing time: Mon 02 Jan 2023 04:55:03 +0000
ROA not before: Mon 02 Jan 2023 04:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16243
IP address blocks: 144.43.240.0/21 maxlen: 24
144.43.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:44:ee:9f:fe:a7:86:f0:10:bf:79:76:7b:db:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 04:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf240eac403e81921b4bd1dc0ed51344346191a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:97:8a:5f:79:41:81:a6:ef:ed:4b:2f:53:
e1:24:f5:1b:e8:1c:87:38:2a:57:ce:f2:91:89:b9:
67:c0:8a:9b:b3:7d:52:62:c8:de:74:2c:a9:e1:ed:
e5:fb:0d:ae:1b:a1:55:2d:61:1e:e3:cf:34:e2:67:
28:d7:f8:46:84:40:00:34:6c:d4:8e:5e:d6:0f:58:
0e:c4:27:d2:9a:86:e3:ac:82:2a:8a:b7:0d:a5:20:
c2:73:dd:82:47:48:4d:93:c5:57:54:8e:c1:e5:91:
6b:7f:5a:7d:e8:f3:b4:1d:c3:38:3f:ac:3b:b7:96:
27:b7:58:b5:a5:ce:d9:2d:02:30:cd:ae:c2:b3:71:
6b:23:b3:92:42:c6:0c:16:d9:7e:b6:42:bb:77:f5:
8b:36:1d:1c:d4:23:4b:db:b0:1c:a3:82:62:62:d9:
04:79:62:54:2a:34:28:e5:44:24:a5:7c:10:47:f1:
cb:3b:62:72:f9:f5:65:d2:a7:8a:ab:76:52:17:b0:
14:53:8c:f0:60:e3:c5:15:82:9c:91:b8:c7:e0:dc:
b7:d8:97:7b:6a:d1:02:39:88:19:b5:01:ef:af:33:
2c:ff:e3:a7:0a:6a:9f:63:92:67:46:2d:27:3b:da:
96:e8:ff:4f:88:85:07:78:dd:67:09:8d:32:8b:c5:
b7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:24:0E:AC:40:3E:81:92:1B:4B:D1:DC:0E:D5:13:44:34:61:91:A8
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/zyQOrEA-gZIbS9HcDtUTRDRhkag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.240.0/21
144.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
65:a2:df:02:62:45:c9:5d:ca:8d:1e:6b:8f:90:9e:bc:85:ba:
12:11:63:b8:18:0e:e7:04:f5:c6:21:c3:12:ea:94:3b:67:ea:
2b:51:50:a4:ab:00:81:76:15:cd:57:99:62:a2:23:57:07:0f:
75:5a:42:5e:6a:28:a6:23:4d:dd:95:fd:69:5e:a7:5b:97:da:
01:56:5b:9a:ca:3a:01:e7:bc:bc:75:4c:6a:96:62:5e:58:e1:
35:2d:9b:3d:a7:99:30:5d:13:1d:2d:3d:6b:7a:5b:0e:9c:d2:
15:ee:66:f4:37:36:f3:e1:fe:2a:91:5f:54:bb:62:ba:03:61:
a0:96:8f:60:d3:b7:67:36:86:50:03:3e:d9:ae:9c:eb:18:bd:
ab:d2:0d:12:1a:96:e3:1e:24:2a:16:2d:a3:3c:b9:1f:3d:96:
03:7b:71:d3:a4:5d:f8:09:b1:6a:a1:66:ac:f5:ea:3b:79:6f:
03:05:27:72:5c:07:e1:2b:34:eb:86:97:57:11:05:c4:83:8a:
06:5c:bd:23:e7:3c:85:af:b9:0f:51:d5:2d:87:ac:ae:d2:5f:
36:8e:ca:04:00:b9:c6:b6:f6:7d:f9:1b:a3:f3:9b:b1:dc:2b:
97:ce:84:12:be:b8:15:8a:81:b0:ab:fd:f0:8a:67:92:45:ba:
e3:f2:fb:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1UTun/6nhvAQv3l2e9t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjMwMTAyMDQ1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI0MGVhYzQwM2U4MTkyMWI0YmQxZGMwZWQ1MTM0NDM0NjE5MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+uXil95QYGm7+1LL1PhJPUb6ByH
OCpXzvKRiblnwIqbs31SYsjedCyp4e3l+w2uG6FVLWEe48804mco1/hGhEAANGzU
jl7WD1gOxCfSmobjrIIqircNpSDCc92CR0hNk8VXVI7B5ZFrf1p96PO0HcM4P6w7
t5Ynt1i1pc7ZLQIwza7Cs3FrI7OSQsYMFtl+tkK7d/WLNh0c1CNL27Aco4JiYtkE
eWJUKjQo5UQkpXwQR/HLO2Jy+fVl0qeKq3ZSF7AUU4zwYOPFFYKckbjH4Ny32Jd7
atECOYgZtQHvrzMs/+OnCmqfY5JnRi0nO9qW6P9PiIUHeN1nCY0yi8W3LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM8kDqxAPoGSG0vR3A7VE0Q0YZGoMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvenlRT3JFQS1nWkliUzlIY0R0VVRSRFJoa2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC
kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQBlot8CYkXJXcqNHmuPkJ68hboSEWO4GA7n
BPXGIcMS6pQ7Z+orUVCkqwCBdhXNV5lioiNXBw91WkJeaiimI03dlf1pXqdbl9oB
VluayjoB57y8dUxqlmJeWOE1LZs9p5kwXRMdLT1relsOnNIV7mb0Nzbz4f4qkV9U
u2K6A2Gglo9g07dnNoZQAz7ZrpzrGL2r0g0SGpbjHiQqFi2jPLkfPZYDe3HTpF34
CbFqoWas9eo7eW8DBSdyXAfhKzTrhpdXEQXEg4oGXL0j5zyFr7kPUdUth6yu0l82
jsoEALnGtvZ9+Ruj85ux3CuXzoQSvrgVioGwq/3wimeSRbrj8vty
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:40 2024 by rpki-client on console-fra.rpki-client.org